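def add_override_score(tech_name, method, auditor, score, disabled, pattern_scores):
    """
    Add or update the audit override (score and/or disabled flag) for one check method.

    The row is identified by the technology and the string "method (auditor)".
    An existing row is updated in place; otherwise a new ItemAuditScore is
    created. Every validation failure writes a message to stderr and exits
    with status 1 before anything is committed.

    :param tech_name: technology index; must be a key of auditor_registry
    :param method: the name of the auditor method to override
    :param auditor: The class name of the auditor containing the check method
    :param score: The default override score to assign to the check method issue
    :param disabled: Flag indicating whether the check method should be run
    :param pattern_scores: A comma separated list of account field values and scores. This can be used to
            override the default score based on some field in the account that the check method is running against.
            The format of each value/score is:
            account_type.account_field.account_value=score
    """
    from security_monkey.datastore import ItemAuditScore
    from security_monkey.auditor import auditor_registry

    def _fail(message):
        # Single exit path for all validation errors: report on stderr, status 1.
        sys.stderr.write(message)
        sys.exit(1)

    if tech_name not in auditor_registry:
        _fail('Invalid tech name {}.\n'.format(tech_name))

    # Find the registered auditor class whose name matches the requested one.
    auditor_class = next(
        (cls for cls in auditor_registry[tech_name] if cls.__name__ == auditor),
        None,
    )
    if auditor_class is None:
        _fail('Invalid auditor {}.\n'.format(auditor))

    if not getattr(auditor_class, method, None):
        _fail('Invalid method {}.\n'.format(method))

    if score is None and not disabled:
        _fail('Either score (-s) or disabled (-b) required\n')

    if score is None:
        score = 0

    # Validate every pattern before touching the database row, so a malformed
    # entry cannot leave a half-updated object behind. A non-integer score is
    # reported as a usage error instead of surfacing as a ValueError traceback.
    pattern_usage = 'pattern_scores (-p) format account_type.account_field.account_value=score\n'
    parsed_patterns = []
    if pattern_scores is not None:
        from security_monkey.account_manager import account_registry

        for pattern in pattern_scores.split(','):
            left_right = pattern.split('=')
            if len(left_right) != 2:
                _fail(pattern_usage)

            account_info = left_right[0].split('.')
            if len(account_info) != 3:
                _fail(pattern_usage)

            if account_info[0] not in account_registry:
                _fail('Invalid account type {}\n'.format(account_info[0]))

            try:
                pattern_score = int(left_right[1])
            except ValueError:
                _fail(pattern_usage)

            parsed_patterns.append(
                (account_info[0], account_info[1], account_info[2], pattern_score)
            )

    method_str = "{method} ({auditor})".format(method=method, auditor=auditor)
    query = ItemAuditScore.query.filter(ItemAuditScore.technology == tech_name)
    query = query.filter(ItemAuditScore.method == method_str)
    entry = query.first()

    if not entry:
        entry = ItemAuditScore()
        entry.technology = tech_name
        entry.method = method_str

    # These two fields change how findings from this check are scored or
    # whether they are produced at all, so they are worth recording in change
    # review for the deployment.
    entry.score = score
    entry.disabled = disabled

    for account_type, account_field, account_value, pattern_score in parsed_patterns:
        entry.add_or_update_pattern_score(account_type, account_field, account_value, pattern_score)

    try:
        db.session.add(entry)
        db.session.commit()
    finally:
        # Release the session even when the commit raises.
        db.session.close()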
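def post(self):
    """
        .. http:post:: /api/1/auditscores

        Create a new override audit score, or update the existing one for the
        same technology and method.

        **Example Request**:

        .. sourcecode:: http

            POST /api/1/auditscores HTTP/1.1
            Host: example.com
            Accept: application/json

            {
                "method": "check_xxx",
                "technology": "policy",
                "score": 1,
                "disabled": false
            }

        **Example Response**:

        .. sourcecode:: http

            HTTP/1.1 201 Created
            Vary: Accept
            Content-Type: application/json

            {
                "id": 123,
                "name": "Corp",
                "notes": "Corporate Network",
                "cidr": "1.2.3.4/22"
            }

        :statuscode 201: created
        :statuscode 401: Authentication Error. Please Login.
    """
    # NOTE(review): the example response above lists name/notes/cidr, none of
    # which this handler sets; the real body is the AUDIT_SCORE_FIELDS
    # marshaling of the row plus an 'auth' key. Confirm and correct the example.

    self.reqparse.add_argument('method', required=True, type=text_type, help='Must provide method name',
                               location='json')
    self.reqparse.add_argument('technology', required=True, type=text_type, help='Technology required.',
                               location='json')
    self.reqparse.add_argument('score', required=False, type=text_type, help='Override score required',
                               location='json')
    self.reqparse.add_argument('disabled', required=True, type=text_type, help='Disabled flag',
                               location='json')
    args = self.reqparse.parse_args()

    method = args['method']
    technology = args['technology']
    score = 0 if args['score'] is None else args['score']

    # 'disabled' is parsed as text, and bool() of any non-empty string is True,
    # so bool(args['disabled']) would switch the check off even for "false"
    # (presumably also for a JSON false, once converted to text; confirm
    # against reqparse). Only explicit true-like values disable the check;
    # anything else leaves it enabled, which is the safe direction for an
    # auditing tool.
    disabled_text = text_type(args['disabled']).strip().lower()
    disabled = disabled_text in ('true', '1', 'yes', 'on')

    query = ItemAuditScore.query.filter(ItemAuditScore.technology == technology)
    query = query.filter(ItemAuditScore.method == method)
    auditscore = query.first()

    if not auditscore:
        auditscore = ItemAuditScore()
        auditscore.method = method
        auditscore.technology = technology

    # int() raises ValueError on a non-numeric score; nothing here catches it.
    auditscore.score = int(score)
    auditscore.disabled = disabled

    db.session.add(auditscore)
    db.session.commit()
    # Reload the row so the marshaled response carries database-assigned values.
    db.session.refresh(auditscore)

    auditscore_marshaled = marshal(auditscore.__dict__, AUDIT_SCORE_FIELDS)
    auditscore_marshaled['auth'] = self.auth_dict
    return auditscore_marshaled, 201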
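def add_override_score(tech_name, method, auditor, score, disabled, pattern_scores):
    """
    Add or update the audit override (score and/or disabled flag) for one check method.

    The override row is looked up by technology and by the string
    "method (auditor)"; it is created when missing. Invalid input is reported
    on stderr and ends the process with status 1 before any commit.

    :param tech_name: technology index; must be a key of auditor_registry
    :param method: the name of the auditor method to override
    :param auditor: The class name of the auditor containing the check method
    :param score: The default override score to assign to the check method issue
    :param disabled: Flag indicating whether the check method should be run
    :param pattern_scores: A comma separated list of account field values and scores. This can be used to
            override the default score based on some field in the account that the check method is running against.
            The format of each value/score is:
            account_type.account_field.account_value=score
    """
    from security_monkey.datastore import ItemAuditScore
    from security_monkey.auditor import auditor_registry

    def _exit_with(message):
        # Shared error path: message to stderr, exit status 1.
        sys.stderr.write(message)
        sys.exit(1)

    if tech_name not in auditor_registry:
        _exit_with('Invalid tech name {}.\n'.format(tech_name))

    # The requested auditor must be one of the classes registered for this technology.
    matching = [cls for cls in auditor_registry[tech_name] if cls.__name__ == auditor]
    if not matching:
        _exit_with('Invalid auditor {}.\n'.format(auditor))
    auditor_class = matching[0]

    if not getattr(auditor_class, method, None):
        _exit_with('Invalid method {}.\n'.format(method))

    if score is None and not disabled:
        _exit_with('Either score (-s) or disabled (-b) required\n')

    if score is None:
        score = 0

    # Parse and validate all pattern scores up front. The loop variable no
    # longer reuses the name of the `score` parameter, and a score that is not
    # an integer produces the usage message rather than a traceback.
    usage = 'pattern_scores (-p) format account_type.account_field.account_value=score\n'
    overrides = []
    if pattern_scores is not None:
        from security_monkey.account_manager import account_registry

        for item in pattern_scores.split(','):
            parts = item.split('=')
            if len(parts) != 2:
                _exit_with(usage)

            account_info = parts[0].split('.')
            if len(account_info) != 3:
                _exit_with(usage)

            if account_info[0] not in account_registry:
                _exit_with('Invalid account type {}\n'.format(account_info[0]))

            try:
                value = int(parts[1])
            except ValueError:
                _exit_with(usage)

            overrides.append((account_info[0], account_info[1], account_info[2], value))

    method_str = "{method} ({auditor})".format(method=method, auditor=auditor)
    query = ItemAuditScore.query.filter(ItemAuditScore.technology == tech_name)
    query = query.filter(ItemAuditScore.method == method_str)
    entry = query.first()

    if not entry:
        entry = ItemAuditScore()
        entry.technology = tech_name
        entry.method = method_str

    # Score and disabled flag alter what the auditor reports for this check;
    # treat changes to them as security-relevant configuration.
    entry.score = score
    entry.disabled = disabled

    for account_type, account_field, account_value, value in overrides:
        entry.add_or_update_pattern_score(account_type, account_field, account_value, value)

    try:
        db.session.add(entry)
        db.session.commit()
    finally:
        # Close the session whether or not the commit succeeded.
        db.session.close()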
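def post(self):
    """
        .. http:post:: /api/1/auditscores

        Create a new override audit score, or update the existing one for the
        same technology and method.

        **Example Request**:

        .. sourcecode:: http

            POST /api/1/auditscores HTTP/1.1
            Host: example.com
            Accept: application/json

            {
                "method": "check_xxx",
                "technology": "policy",
                "score": 1,
                "disabled": false
            }

        **Example Response**:

        .. sourcecode:: http

            HTTP/1.1 201 Created
            Vary: Accept
            Content-Type: application/json

            {
                "id": 123,
                "name": "Corp",
                "notes": "Corporate Network",
                "cidr": "1.2.3.4/22"
            }

        :statuscode 201: created
        :statuscode 401: Authentication Error. Please Login.
    """
    # NOTE(review): the example response above lists name/notes/cidr, none of
    # which this handler sets; the real body is the AUDIT_SCORE_FIELDS
    # marshaling of the row plus an 'auth' key. Confirm and correct the example.

    self.reqparse.add_argument('method', required=True, type=unicode, help='Must provide method name',
                               location='json')
    self.reqparse.add_argument('technology', required=True, type=unicode, help='Technology required.',
                               location='json')
    self.reqparse.add_argument('score', required=False, type=unicode, help='Override score required',
                               location='json')
    self.reqparse.add_argument('disabled', required=True, type=unicode, help='Disabled flag',
                               location='json')
    args = self.reqparse.parse_args()

    method = args['method']
    technology = args['technology']
    score = args['score']
    if score is None:
        score = 0

    # The flag arrives as text, and bool() of any non-empty string is True, so
    # bool(args['disabled']) would disable the check even when the caller sent
    # "false" (presumably a JSON false as well, after conversion to text;
    # confirm against reqparse). Accept only explicit true-like values;
    # everything else keeps the check enabled.
    flag_text = unicode(args['disabled']).strip().lower()
    disabled = flag_text in ('true', '1', 'yes', 'on')

    query = ItemAuditScore.query.filter(ItemAuditScore.technology == technology)
    query = query.filter(ItemAuditScore.method == method)
    auditscore = query.first()

    if not auditscore:
        auditscore = ItemAuditScore()
        auditscore.method = method
        auditscore.technology = technology

    # int() raises ValueError on a non-numeric score; nothing here catches it.
    auditscore.score = int(score)
    auditscore.disabled = disabled

    db.session.add(auditscore)
    db.session.commit()
    # Reload the row so the marshaled response carries database-assigned values.
    db.session.refresh(auditscore)

    auditscore_marshaled = marshal(auditscore.__dict__, AUDIT_SCORE_FIELDS)
    auditscore_marshaled['auth'] = self.auth_dict
    return auditscore_marshaled, 201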